{"uuid": "fd723d25-2f6c-4aeb-9a20-db71ea1a52e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-68947", "type": "exploited", "source": "https://t.me/thehackernews/8386", "content": "\u26a0\ufe0f\ud83d\udee0\ufe0f Reynolds ransomware embeds its own BYOVD evasion, bundling a vulnerable driver to disable EDR before encryption.\n\nIt drops the NSecKrnl driver (CVE-2025-68947) to kill security tools, reducing detection and affiliate effort.\n\n\ud83d\udd17 Read full attack chain and defense insights \u2192 https://thehackernews.com/2026/02/reynolds-ransomware-embeds-byovd-driver.html", "creation_timestamp": "2026-02-10T14:44:42.000000Z"}